summaryrefslogtreecommitdiff
path: root/source3/lib/sharesec.c
AgeCommit message (Collapse)AuthorFilesLines
2012-08-31Change the S3 fileserver over to se_file_access_check().Jeremy Allison1-1/+1
Don't set the priv_open_requested yet until the open-for-backup request is correctly passed in.
2012-06-15dbwrap: dbwrap_store_int32->dbwrap_store_int32_bystringVolker Lendecke1-6/+6
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15dbwrap: dbwrap_fetch_int32->dbwrap_fetch_int32_bystringVolker Lendecke1-2/+2
Signed-off-by: Michael Adam <obnox@samba.org>
2012-01-18s3: Add a "lock_order" argument to db_openVolker Lendecke1-1/+2
This will be used to enforce a lock hierarchy between the databases. We have seen deadlocks between locking.tdb, brlock.tdb, serverid.tdb and notify*.tdb. These should be fixed by refusing a dbwrap_fetch_locked that does not follow a defined lock hierarchy.
2011-10-11s3:dbwrap: change dbwrap_store_int32() to NTSTATUS return typeMichael Adam1-9/+15
for consistency and better error propagation
2011-10-11s3:dbwrap: convert dbwrap_fetch_int32() to NTSTATUS return codeMichael Adam1-3/+11
Return the int32 value retrieved from the db by reference. Before this, return value "-1" was used as a error indication, but it could also be a valid value from the database.
2011-10-11s3:sharesec: convert sharesec.c to use dbwrap wrapper functionsMichael Adam1-18/+24
Avoid direct use of the db_record and db_context structs
2011-10-11s3:dbwrap: convert dbwrap_fetch(), dbwrap_fetch_bystring() and ↵Michael Adam1-2/+2
dbwrap_fetch_bystring_upper() to NTSTATUS
2011-07-29s3:dbwrap: move all .c and .h files of dbwrap to lib/dbwrap/Michael Adam1-1/+1
Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Fri Jul 29 13:34:22 CEST 2011 on sn-devel-104
2011-07-29s3:dbwrap: move db_open() to a file dbwrap_open.c of its own.Michael Adam1-0/+1
Also start new folder lib/dbwrap/ where dbwrap_open.c is stored and make the fallbacke implementation functoins non-static and create a dbwrap_private.h header file that contains their prototypes.
2011-07-26s3:lib change default share security access maskChristian Ambach1-3/+3
when there is no share SD set, the default share SD that is used e.g. for the output of sharesec -v defaults to a value that is not equivalent to the desired FULL access. This is a more or less a cosmetical follow-up for the patches in Bug #8201 that makes them more consumeable by printing FULL (that is what the user expects) instead of a bitmask in hexadecimal form. previous output: REVISION:1 OWNER:(NULL SID) GROUP:(NULL SID) ACL:S-1-1-0:ALLOWED/0/0x101f01ff with patch: REVISION:1 OWNER:(NULL SID) GROUP:(NULL SID) ACL:S-1-1-0:ALLOWED/0/FULL Autobuild-User: Christian Ambach <ambi@samba.org> Autobuild-Date: Tue Jul 26 15:57:55 CEST 2011 on sn-devel-104
2011-07-06s3:sharesec: return an error if get_share_security() returns NULLStefan Metzmacher1-1/+1
This indicates an error, as it uses get_share_security_default() if no security descriptor is configured. Jeremy, please check. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jul 6 15:40:23 CEST 2011 on sn-devel-104
2011-07-06s3:sharesec: also initialize pgranted if get_share_security() returns NULLStefan Metzmacher1-0/+3
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jul 6 12:54:30 CEST 2011 on sn-devel-104
2011-07-05s3: Return "granted" from share_access_checkVolker Lendecke1-2/+8
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-06-09s3-talloc Change TALLOC_ARRAY() to talloc_array()Andrew Bartlett1-1/+1
Using the standard macro makes it easier to move code into common, as TALLOC_ARRAY isn't standard talloc.
2011-05-06s3: only include tdb headers where needed.Günther Deschner1-0/+1
Guenther
2011-03-30s3-includes: only include system/filesys.h when needed.Günther Deschner1-0/+1
Guenther
2010-10-12libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett1-0/+1
This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
2010-09-11s3:auth Remove NT_USER_TOKENAndrew Bartlett1-1/+1
The all UPPER case typedef is no longer the preferred Samba style and this makes it easier to see that this is the IDL-derivied structure Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-08-26s3-build: use dbwrap.h only where needed.Günther Deschner1-0/+1
Guenther
2010-05-31s3-build: only use ndr_security.h where needed.Günther Deschner1-0/+1
Guenther
2010-05-21s3:dom_sid Global replace of DOM_SID with struct dom_sidAndrew Bartlett1-1/+1
This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-18s3-secdesc: remove "typedef struct security_descriptor SEC_DESC".Günther Deschner1-9/+9
Guenther
2010-05-18s3-secdesc: remove "typedef struct security_acl SEC_ACL".Günther Deschner1-2/+2
Guenther
2010-05-18s3-secdesc: remove "typedef struct security_ace SEC_ACE".Günther Deschner1-3/+3
Guenther
2010-05-18s3: Remove use of iconv_convenience.Jelmer Vernooij1-1/+1
2010-03-22share_info.tdb could use non-canonicalized sharenames.Jeremy Allison1-14/+143
Fix this by moving canonicalization into lib/sharesec.c. Update the db version to 3. Ensures we always find share names with security descriptors attached. Jeremy.
2009-08-26s3/smbd: open the share_info.tdb on startup instead of tconxSteven Danneman1-1/+1
This is a small performance optimization. Instead of opening the tdb on every smb connection in the forked child process, we now open it in the parent and share the fd. This also reduces the total fd usage in the system.
2009-01-01Add iconv_convenience argument to size functions.Jelmer Vernooij1-1/+1
2008-12-28Make sure share_info.tdb is open before attempting to delete an entrySteven Danneman1-2/+6
2008-10-31Another unused variable.Jeremy Allison1-1/+0
2008-10-31Unify se_access_check with the S4 code. Will makeJeremy Allison1-2/+2
calculation of SEC_FLAG_MAXIMUM_ALLOWED much easier for files. Jeremy.
2008-10-09Remove SEC_ACCESS. It's a uint32_t.Jeremy Allison1-4/+4
Jeremy.
2008-09-08Thanks metze for pointing out the missing extern :-)Volker Lendecke1-1/+1
(This used to be commit b62540cd48212a80c8cb4a264f740591a0229944)
2008-09-08Remove some duplicate codeVolker Lendecke1-6/+1
(This used to be commit 564bfe94ac87c918482ade65980270326dc8ed6d)
2008-08-13fixed lots of places that paniced on a failed transaction_commit,Andrew Tridgell1-1/+1
thinking it was a failure of a transaction cancel (This used to be commit 22dbe158ed62ae47bbcb41bba3db345294f75437)
2008-08-13first cut at adding full transactions for ctdb to samba3Andrew Tridgell1-1/+1
(This used to be commit f91a3e0f7b7737c1d0667cd961ea950e2b93e592)
2008-04-15lib/sharesec.c: fix the upgrade code, db_traverse returns the number of records!Stefan Metzmacher1-2/+4
metze (This used to be commit ccdebe97f85b76378e42d8cf08324228bd19cf32)
2008-04-01Convert dbwrap_trans_delete to NTSTATUSVolker Lendecke1-2/+4
Signed-off-by: Stefan Metzmacher <metze@samba.org> (This used to be commit dead193f46c2b19955ab3e5ac5ba343694f4858a)
2008-04-01Convert dbwrap_trans_store to NTSTATUSVolker Lendecke1-4/+5
Signed-off-by: Stefan Metzmacher <metze@samba.org> (This used to be commit 5f4de856af1abe63b13059bbe1615cb5877770d0)
2008-04-01sharesec: use db_open_trans()Stefan Metzmacher1-2/+2
metze (This used to be commit 1c59142ccc46616c10b98c51601361f203d542d6)
2008-04-01Convert share_info.tdb to dbwrapVolker Lendecke1-17/+64
(This used to be commit bc9b4c43b8824cd53f9ab613bcbb94cd5193f43e)
2008-03-28Fix a memory leakVolker Lendecke1-0/+2
(This used to be commit ce1bd43cdae63ff05aefaded419388e7b9e3ba9a)
2008-03-26use tdb_wipe_all() instead of tdb_wipe() - it is faster...Michael Adam1-1/+1
Michael (This used to be commit 3d2fdcd50fdbfb66a14360516836445d47eceeb0)
2008-03-25util_tdb: add a wrapper tdb_wipe() for traverse with tdb_traverse_delete_fn().Michael Adam1-1/+1
Replace all callers of traverse with this tdb_traverse_delete_fn() and don't export tdb_traverse_delete_fn() anymore. Michael (This used to be commit d4be4e30cd8c3bdc303da30e42280f892a45a8c9)
2008-01-10use talloc_tos() in share_access_check()Volker Lendecke1-8/+3
(This used to be commit ac2bb838d537ca563ad2fe770b3e1c2fe8b1d9e7)
2007-12-29Remove tiny code duplicationVolker Lendecke1-1/+1
ndr_size_security_descriptor does the same as sec_desc_size (This used to be commit bc3bd7a8e7c6e9e27acb195c86abb92c0f53112f)
2007-12-21Some C++ fixesVolker Lendecke1-3/+7
(This used to be commit 5c392c4c6e277a24d0d477902dc7856b2b46ee53)
2007-12-07Remove next_token - all uses must now be next_token_talloc.Jeremy Allison1-2/+2
No more temptations to use static length strings. Jeremy. (This used to be commit ec003f39369910dee852b7cafb883ddaa321c2de)
2007-12-05Make share_info_db_init staticVolker Lendecke1-1/+1
(This used to be commit 111502d3a2901abcff25792bed3c4038a7592410)